Phpcms · Phpcms · CVE-2018-14940
**Name of the Vulnerable Software and Affected Versions**
PHPCMS version 9
**Description**
The issue allows remote attackers to cause a denial of service, specifically resource consumption, by sending a request to the "api.php?op=checkcode" endpoint with large values for the `font_size`, `height`, and `width` parameters.
**Recommendations**
For PHPCMS version 9, consider restricting access to the "api.php?op=checkcode" endpoint or limiting the values that can be passed for the `font_size`, `height`, and `width` parameters to prevent denial of service attacks.
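
One way to apply the second recommendation, as an added example that is not PHPCMS code: a stand-alone PHP helper that validates the three parameters before any image is allocated. The function name `checkcode_params`, the numeric bounds and the defaults are assumptions (the advisory gives no limits), and the sample requests are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical bounds; pick values that match the site's CAPTCHA layout.
const CHECKCODE_LIMITS = [
    'width'     => ['min' => 60, 'max' => 200, 'default' => 130],
    'height'    => ['min' => 20, 'max' => 80,  'default' => 50],
    'font_size' => ['min' => 10, 'max' => 40,  'default' => 20],
];

/**
 * Return width/height/font_size that are safe to hand to the image code.
 * Anything missing, non-integer or outside the bounds falls back to the
 * default, so a request can never make the server allocate a huge canvas.
 */
function checkcode_params(array $query): array
{
    $safe = [];
    foreach (CHECKCODE_LIMITS as $name => $limit) {
        $raw = $query[$name] ?? null;
        // Only plain strings reach the integer filter; arrays such as
        // width[]=1 and missing keys are treated as invalid.
        $value = is_string($raw)
            ? filter_var($raw, FILTER_VALIDATE_INT, ['options' => [
                'min_range' => $limit['min'],
                'max_range' => $limit['max'],
            ]])
            : false;
        // "99999", "-5", "1e9" and "0x7fff" all fail validation here.
        $safe[$name] = ($value === false) ? $limit['default'] : $value;
    }
    // Keep the glyphs inside the canvas even when both values are in range.
    $safe['font_size'] = min($safe['font_size'], $safe['height']);
    return $safe;
}

// Constructed sample query strings, as PHP would expose them in $_GET.
$samples = [
    ['width' => '130', 'height' => '50', 'font_size' => '20'],
    ['width' => '99999', 'height' => '99999', 'font_size' => '9999'],
    ['width' => ['1'], 'height' => '1e9', 'font_size' => '-5'],
    ['width' => '200', 'height' => '20', 'font_size' => '40'],
];
foreach ($samples as $query) {
    echo json_encode(checkcode_params($query)), PHP_EOL;
}
```

Falling back to defaults rather than returning an error keeps the CAPTCHA working for legitimate pages that omit the parameters.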